def create_signed_url(file, expires=60, secure=False, private_cloudfront=False, expires_at=None):
if not private_cloudfront:
generator = QueryStringAuthGenerator(
settings.AWS_ACCESS_KEY_ID,
settings.AWS_SECRET_ACCESS_KEY,
calling_format=getattr(settings, 'AWS_CALLING_FORMAT',
CallingFormat.SUBDOMAIN),
is_secure=secure)
generator.set_expires_in(expires)
return generator.generate_url(
'GET',
settings.AWS_STORAGE_BUCKET_NAME,
file
)
if secure and hasattr(settings.MEDIA_URL, 'https'):
domain = settings.MEDIA_URL.https()
else:
if hasattr(settings.MEDIA_URL, 'match'):
domain = settings.MEDIA_URL.match(file)
else:
domain = settings.MEDIA_URL
if secure:
domain = domain.replace('http://', 'https://')
else:
domain = domain.replace('https://', 'http://')
url = urljoin(domain, iri_to_uri(file))
if expires_at is None:
expires = int(time.time() + expires)
else:
expires = expires_at
policy = {
'Statement': [{
'Resource': url,
'Condition': {
'DateLessThan': {
'AWS:EpochTime': expires
}
}
}]
}
key = settings.CUDDLYBUDDLY_STORAGE_S3_KEY_PAIR
policy = json.dumps(policy, separators=(',',':'))
sig = rsa.PrivateKey.load_pkcs1(key[1])
sig = rsa.sign(policy, sig, 'SHA-1')
sig = base64.b64encode(sig).replace('+', '-').replace('=', '_').replace('/', '~')
return '%s%sExpires=%s&Signature=%s&Key-Pair-Id=%s' % (
url,
'&' if '?' in url else '?',
expires,
sig,
key[0]
)
def create_signed_url(file, expires=60, secure=False):
generator = QueryStringAuthGenerator(settings.AWS_ACCESS_KEY_ID,
settings.AWS_SECRET_ACCESS_KEY,
calling_format=getattr(
settings, 'AWS_CALLING_FORMAT',
CallingFormat.SUBDOMAIN),
is_secure=secure)
generator.set_expires_in(expires)
return generator.generate_url('GET', settings.AWS_STORAGE_BUCKET_NAME,
file)
def create_signed_url(file, expires=60, secure=False, private_cloudfront=False, expires_at=None):
if not private_cloudfront:
generator = QueryStringAuthGenerator(
settings.AWS_ACCESS_KEY_ID,
settings.AWS_SECRET_ACCESS_KEY,
calling_format=getattr(settings, 'AWS_CALLING_FORMAT',
CallingFormat.SUBDOMAIN),
is_secure=secure)
generator.set_expires_in(expires)
return generator.generate_url(
'GET',
settings.AWS_STORAGE_BUCKET_NAME,
file
)
url = settings.MEDIA_URL
if not isinstance(settings.MEDIA_URL, CloudFrontURLs):
url = CloudFrontURLs(settings.MEDIA_URL)
url = url.get_url(file, force_https=True if secure else False)
if expires_at is None:
expires = int(time.time() + expires)
else:
expires = expires_at
# Use OrderedDict to keep things predictable and testable
policy = OrderedDict()
policy['Resource'] = url
policy['Condition'] = {
'DateLessThan': {
'AWS:EpochTime': expires
}
}
policy = {
'Statement': [
policy
]
}
policy = json.dumps(policy, separators=(',',':'))
key = settings.CUDDLYBUDDLY_STORAGE_S3_KEY_PAIR
dig = SHA.new()
dig.update(policy.encode('utf-8'))
sig = PKCS1_v1_5.new(RSA.importKey(key[1]))
sig = sig.sign(dig)
sig = base64.b64encode(sig).decode('utf-8')
sig = sig.replace('+', '-').replace('=', '_').replace('/', '~')
return '%s%sExpires=%s&Signature=%s&Key-Pair-Id=%s' % (
url,
'&' if '?' in url else '?',
expires,
sig,
key[0]
)
def create_signed_url(file, expires=60, secure=False):
generator = QueryStringAuthGenerator(
settings.AWS_ACCESS_KEY_ID,
settings.AWS_SECRET_ACCESS_KEY,
calling_format=getattr(settings, 'AWS_CALLING_FORMAT',
CallingFormat.SUBDOMAIN),
is_secure=secure)
generator.set_expires_in(expires)
return generator.generate_url(
'GET',
settings.AWS_STORAGE_BUCKET_NAME,
file
)
def create_signed_url(file,
expires=60,
secure=False,
private_cloudfront=False,
expires_at=None):
if not private_cloudfront:
generator = QueryStringAuthGenerator(
settings.AWS_ACCESS_KEY_ID,
settings.AWS_SECRET_ACCESS_KEY,
calling_format=getattr(settings, 'AWS_CALLING_FORMAT',
CallingFormat.SUBDOMAIN),
is_secure=secure)
generator.set_expires_in(expires)
return generator.generate_url('GET', settings.AWS_STORAGE_BUCKET_NAME,
file)
url = settings.MEDIA_URL
if not isinstance(settings.MEDIA_URL, CloudFrontURLs):
url = CloudFrontURLs(settings.MEDIA_URL)
url = url.get_url(file, force_https=True if secure else False)
if expires_at is None:
expires = int(time.time() + expires)
else:
expires = expires_at
policy = {
'Statement': [{
'Resource': url,
'Condition': {
'DateLessThan': {
'AWS:EpochTime': expires
}
}
}]
}
key = settings.CUDDLYBUDDLY_STORAGE_S3_KEY_PAIR
policy = json.dumps(policy, separators=(',', ':'))
sig = rsa.PrivateKey.load_pkcs1(key[1])
sig = rsa.sign(policy, sig, 'SHA-1')
sig = base64.b64encode(sig).replace('+',
'-').replace('=',
'_').replace('/', '~')
return '%s%sExpires=%s&Signature=%s&Key-Pair-Id=%s' % (
url, '&' if '?' in url else '?', expires, sig, key[0])
